Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 8, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
254771	6.8	警告	マイクロソフト	-	Microsoft Windows の kernel における権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2009-1127	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254772	10	危険	マイクロソフト	-	Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2009-2523	2010-01-4 15:24	2009-11-10	Show	GitHub Exploit DB Packet Storm

254773	9.3	危険	マイクロソフト	-	Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2009-2512	2010-01-4 15:23	2009-11-10	Show	GitHub Exploit DB Packet Storm

254774	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2722	2010-01-4 14:56	2009-08-10	Show	GitHub Exploit DB Packet Storm

254775	10	危険	アップル VMware サン・マイクロシステムズ	-	Sun Java SE の Provider クラスにおける詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2009-2723	2010-01-4 14:55	2009-08-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 8, 2026, 4:54 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
222221	5.3	MEDIUM Network	limesurvey	limesurvey	Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the default configuration.	CWE-295 Improper Certificate Validation	CVE-2019-16179	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222222	5.4	MEDIUM Network	limesurvey	limesurvey	A stored cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows authenticated users with correct permissions to inject arbitrary web script or HTML via titles of …	CWE-79 Cross-site Scripting	CVE-2019-16178	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222223	7.5	HIGH Network	limesurvey	limesurvey	In Limesurvey before 3.17.14, the entire database is exposed through browser caching.	CWE-200 Information Exposure	CVE-2019-16177	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222224	5.3	MEDIUM Network	limesurvey	limesurvey	A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem.	NVD-CWE-noinfo	CVE-2019-16176	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222225	4.3	MEDIUM Network	limesurvey	limesurvey	A clickjacking vulnerability was found in Limesurvey before 3.17.14.	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2019-16175	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222226	8.8	HIGH Network	limesurvey	limesurvey	An XML injection vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to import specially crafted XML files and execute code or compromise data integrity.	CWE-611 XXE	CVE-2019-16174	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222227	6.1	MEDIUM Network	liferay	liferay_portal	Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journal_article/page.jsp in journal/journal-taglib.	CWE-79 Cross-site Scripting	CVE-2019-16147	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222228	6.1	MEDIUM Network	padrinorb	padrino-contrib	The breadcrumbs contributed module through 0.2.0 for Padrino Framework allows XSS via a caption.	CWE-79 Cross-site Scripting	CVE-2019-16145	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222229	9.8	CRITICAL Network	dlink	dir-868l_firmware dir-885l_firmware dir-895l_firmware	SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L REVA through 1.20, and DIR-895L REVA through 1.21 devices allows Authentication Bypass, as demonstrated by a direct request to fold…	CWE-287 Improper Authentication	CVE-2019-16190	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm

222230	5.4	MEDIUM Network	limesurvey	limesurvey	LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php,	CWE-79 Cross-site Scripting	CVE-2019-16173	2024-11-21 13:30	2019-09-10	Show	GitHub Exploit DB Packet Storm